Newly crowned Miss Teen USA Cassidy Wolf is allegedly the latest victim of sextortion.
According to the LA Times, the Federal Bureau of Investigation (FBI) confirmed on Wednesday that it’s investigating claims by Wolf and other women who say that their webcams were hacked, photos or video were taken surreptitiously, and that the hacker or hackers then demanded money in exchange for keeping the photos out of public disclosure.
Wolf, of Orange County, California, was Miss California Teen USA before winning the Miss Teen USA pageant over the weekend at the Atlantis Hotel in the Bahamas.
19-year-old Ms. Wolf has told reporters that prior to being crowned, she received an anonymous email from someone who claimed to have nude photos of her, taken via the webcam on her computer.
Wolf told Today News that about four months ago, Facebook notified her about somebody trying to log into her account from another state.
She then received an email saying that the person had photos of her taken in her bedroom via her computer’s hacked webcam. The person, who hasn’t been named in the ongoing federal investigation, tried to extort her in exchange for keeping the photos from being made public.
As if everyday webcam hacking weren’t shocking enough, this case apparently involves a webcam that was hacked without the telltale camera light coming on to indicate that it was recording.
This is how Ms Wolf tells it:
"I wasn't aware that somebody was watching me [on my webcam]. The [camera] light didn't even go on, so I had no idea."
Is that possible? Can webcams be rigged so as to record without the light coming on?
Sophos Senior Security Advisor Chester Wisniewski has looked at the issue, and he says it depends:
"Some laptops allow you to turn the light on and off in software, others only work physically. I think it is certainly possible, if unlikely."
But if it’s unlikely to suffer a webcam hacking that manages to turn off the camera’s “on” light, plain old vanilla webcam hacking that leaves the light on isn’t very unlikely at all.
In fact, as the BBC reported in June, there’s a thriving black market for access to computers whose webcams have been compromised.
Stolen webcam video of females cost $1 per “slave,” as they’re called. Stolen video of male slaves goes for $1/100 slaves.
As for Ms. Wolf, she has turned her alleged victimization into a crusade. Today News reports that after she was named Miss California, she traveled to schools to raise awareness about cybercrime among teens.
Her advice to teens is to routinely clear their browsing history and change their password into something difficult to guess.
She’s quoted by International Business Times on password hygiene:
"I had the same password for years. But now seeing that someone can hack into my stuff just by downloading an incorrect link, it's very important to change your passwords, delete your cookies."
Having a safe password is absolutely the right way to go. Here’s one way to create one.
I would also suggest to Ms. Wolf that if she’s not telling teens this already, to please urge them against using the same password on multiple sites.
And since multiple hard-to-crack passwords can be tough to wrangle, Ms. Wolf also might want to suggest the use of a password manager, such as KeePass, 1Password or LastPass.
When we report on webcam spying at Naked Security, we typically tell users to keep an eye on the light. That, evidently, won’t stop remote hackers of webcams who manage to turn off the camera light via accessing its software.
But given that, as Chet notes, such a hack is unlikely, it’s still a good idea to keep an eye on the light. Better still, cover it with a patch – a tiny piece of black tape, say, or a sticker or bandage – when you’re not using the camera.
Ms. Wolf, for her part, has said that she’s prepared for another attack by putting a sticker over her webcam when it’s not in use.
Nice going on your cybercrime defense education work, Ms. Wolf, and best of luck with your continued studies, be it with your beloved jazz dancing or the hair-raising world of cybercrime.
Image of Cassidy Wolf courtesy of Glenn Francis. Image of webcam courtesy of Shutterstock.
18 comments on “Miss Teen USA 2013 says sextortionist hacked webcam to snap bedroom photos”
I am also a victim of this type of hacking and until now, I am still hacked. The creepy thing is, this guys are in the room beside our room.
Mell, if this is the case, I'd recommend either consulting a lawyer, or backing up all of your personal files on your computer, completely wiping the hard drive, and reinstalling all of your files to remove their access. Have a password on your wifi, and don't click on or follow suspicious links, emails, or web pages. Also make sure that any sharing on your computer is off.
Never mind the lawyer. Go straight to the police! It is illegal to both hack a computer and to spy on someone. if the people are in the same building as you, the matter could be resolved in minutes.
I agree with Mark. Go to the police immediately. If you wipe your computer, you will probably destroy evidence that could be used to prosecute.
What the heck was she doing with a webcam in her bedroom? Aside from the fact that 99.99% of the people who use the internet do not understand the security risks, why would you leave a camera (or your laptop) on all the time. If it's connected to the internet, it can be hacked. People think I'm crazy for powering down my computer, dsl modem and firewall when I am not using the computer. When I leave the modem and firewall on and look at the log for the time they were on and the computer was off, I can find attempts to penetrate my firewall between once every 3 to 15 minutes on just about every tcp port.
Most people I know, young and old, leave their computers on all night. Nothing incredulous about that.
Just one more stupid thing that people do. I turn my computer off if I am going to be away from it for more than an hour. Mostly to save energy but also to make it just that much more difficult to be hacked. I was brought up on the admonition "when you leave the room turn out the lights."
A lot of laptops have the camera built-in to the cover. If you leave the computer run the camera hardware is accessible, which is a good thing if you use Skype or other methods of video telecommunications.
The best would be to close the lid and unplug the computer for the night. Hmmm…, maybe she's an MFC model!
Does anybody else think this might be something other than a hacker? How many recent pageant winners have been outed because they sent "Sexytime" photos from their phones or webcams to past lovers and forced to give up their crown? Carrie Prejean comes immediately to mind. Funny thing, Prejean was also a Miss California. What are the chances that Miss Teen here knew she had some out there and decided to start this "crusade" before they could surface? Now if some naughty pictures of her show up, she can just say the "hacker" took them.
Pretty shrewd if you ask me. Also, I'm not quite sure how deleting your browser history can protect you from hackers, I mean unless she's talking about being blackmailed for their "how to clear up the clap" Google searches.
And people laugh at me because the webcam on my laptop has a bandaid on it! 🙂
I use the same "Patch". Nothing better than a "Hardware" method of protecting one's privacy
I would not be surprised if it was the NSA. Bunch of perverts they don't care about any ones privacy.
"it's still a good idea to keep an eye on the light. Better still, cover it with a patch" – just to be clear: the patch should be placed over the camera's lens aperture, not the light 😉
Cover the thing up, unplug it or turn it around… too easy.
Hmmm… cover the camera up… turn it around… unplug… so much for being the "Tech Savvy Generation"…
BTW what does "surreptitiously" mean? Can't find in any dictionary, please describe it for me.
From the Oxford Dictionary of American English: "kept secret, especially because it would not be approved of."
Because people are in the privacy of their homes, they dont think of being connected to the internet as essentially being in public.
It's not crazy to cover your webcam. It's one less thing to worry about.
I want to protect my internet privacy, which is not any crazier than curtains on the window.